The ISP Column A monthly column on things Internet December 2007 Geoff Huston On the Hunt for Critical Internet Resources I’m writing this column in November, and that means that its time for the travelling circus known as the Internet Governance Forum (IGF) to come down to earth, unpack its tents and sell tickets for its annual song and dance routine. The script for this year’s show has been changed, and after being excluded from the main arena last year at the Athens gig, the headline act of “Critical Internet Resources” is taking a starring role this year in Rio. Some folk are even saying that it’s the single most contentious issue to be scheduled at this year’s IGF show. So what are “Critical Internet Resources” anyway? If folk are going to spend all this time, energy and carbon emissions travelling to Rio to talk on this topic, then wouldn’t it be helpful to understand what it means in the first place? There are probably a number of ways to answer this question, so in this heavily opinionated column I’d like to look at the range of possible answers to this question. The first answer lies in looking at the question from a purely personal perspective. I’m sitting here typing this on my laptop and the most critical resource for me right now is the reserves of battery power for my laptop. Without that then I’m hosed, and everything I’ve done in the past hour or two would also be lost, which makes battery power a pretty critical resource for me at the moment! But that’s more about my laptop and not the Internet per se. What’s critical for me with respect to the internet right now? Right now I’m connected to the network using a WiFi connection, so without this connection the internet ceases to exist for me. So it’s a case of no WiFi connection then no Internet either, so maybe that’s my critical internet resource. So with both of those resources at hand, then I’m set. So where I sit right now my needs in the critical internet resource department appear to be decent batteries and a good WiFi connection. Of course here I’m talking a pretty high threshold interpretation of “critical” here, in that “critical” means that if its not there then neither is the Internet. This implies that “critical” falls into the highest category of resources, namely those resources that if they are not available then the Internet is not available. So I’m still nominating my battery power and my WiFi connection as my most critical internet resources. But somehow I don’t think that the IGF spaceship has come down to earth for a week just to recharge my laptop’s batteries and install a few more WiFi base stations, so I guess I must be missing the point here. So maybe it’s a case of asking others by assembling a number of Internet users’ views and seeing what comes out as being the most popular in terms of critical internet resources. So maybe I should conduct a critical internet resource survey. Fortunately, Paul Wilson has already conducted such a survey in recent weeks, so I’ll save myself the effort and just look at what he found out when he asked some Internet users what they thought fell into the category of “Critical Internet Resources” The results of his survey are shown in the following table. What’s clear at the outset in scanning through the results of this informal survey is that the users Paul surveyed are clearly aware of the many diverse inputs that make up the Internet. Its also evident that the perception of what’s “critical” to the Internet is certainly quite a broad collection of inputs, and some of them are a little surprising. I can see the logic in nominating IP addresses, names, and standards as being critical to the Internet, but I’m personally not yet convinced that Internet Exchange Points are in the same category as being “critical” to the Internet. Sure IXP’s can produce locally advantaged outcomes by making local resources and local communications faster and cheaper for local users, and also encourage continued diversity and competition in the access market, but I’m not sure that its gets on to the “critical” list as in the internet absolutely relies on it. On the other hand cost is a real consideration for many users and the Internet is only available if it can be made available within a certain price threshold. So anything that makes the Internet affordable to users is properly considered to be a “critical” factor here. Infrastructure elements of the physical network appear to be commonly thought of as critical resources, although I recall that some element of the rationale for a stateless packet-based network architecture was to remove the critical role of any single physical infrastructure element and instead provide the network with the ability to route around various forms of component failure. Even so, this is an interesting list, in that it illustrates the diversity of inputs that support the operation and use of network, and in their own way each of these components is critical. Category Administration DNS ICANN/IANA Standards Names/Numbers/ASNs IP addresses/RIRs Administration Total Applications Email other Search Communications Information WWW Commerce 25 10 22 11 7 9 12 96 Electricity funding Openness Human Resources 2 2 8 3 15 Connectivity Core Devices International IXP Lastmile Peering QoS Security Ubiquity Routing 10 13 3 5 3 9 4 3 9 3 16 78 Applications Total Environment Environment Total Infrastructure Infrastructure Total Grand Total Total 30 3 5 6 10 54 243 What I find of most interest here is the recognition of the Internet as the sum of its application environment. There is no doubt that one of the more revolutionary aspects of the Internet has been in information models, and the advent of search engines has indeed been truly revolutionary. It seems so natural these days to type in anything at all into a search engine and generally get decent results back. Indeed its those times when the outcomes of the search engine don’t appear to be logically associated with the question that we regard as strange. And its only been a decade since we had nothing at all in this space. Equally, we now regard IM as staple diet of messaging and for many it is the critical application of the Internet. So, increasingly, we now are starting to describe the Internet in terms of the services and user environment that it enables, rather than the infrastructure requirements that are necessary to provide it, and now starting to look at this use environment as the internet’s most critical aspect. So maybe the hunt for critical internet resources should be Page 2 up at the application level, and looking at information and context as being the critical resources and all else as being derivatives from these basic and critical capabilities. But in that rarefied atmosphere of the heights of the international Internet policy and governance debate the term “Critical Internet Resources” appears to have a very different meaning. This phrase appears to be a code phrase that is intended to describe only the administration of the Internet’s naming and addressing domains. Now if you take a liberty here and broaden this definition out a bit and include DNS names and IP addresses themselves as well as their administration, then a case could be made that these are indeed critical to the Internet. Without addresses then what goes into a packet header? How are packets forwarded across the network? So from that perspective addresses appear to be somewhat critical to the Internet. But what sort of addresses are we talking about here? Globally unique addresses or private addresses? It certainly appears that far more of the Internet is numbered from private use address space than globally unique address space. So maybe its these private use addresses that are the critical Internet resource here, in which case it make little sense to attempt to connect the dots and infer that the administration of these addresses is a critical function, given that the addresses are not administered in any coordinated fashion. But even that claim needs to be put into some perspective. Is my street address a “Critical Postal Resource”? In some countries a street address is a set of directions that appears to make sense only in a very local context. It appears to be the same with IP addresses, in so far that they also have a scope and they are important only within that defined scope. Well what about DNS names then? The domain name business is an impressive achievement, if only by virtue of its somewhat surprising size and relative wealth. While the Internet’s carriage and access sectors appear to be still coming to terms with the harsh brutality of the term “competitive commodity utility” the domain name registry industry is apparently still trying to figure out what to do with all that money! From domain name tasting to sitefinders to IDNs the name business is apparently big business and an attractive one at that. But are names a “critical” resource? Well there is no particular shortage of names, and my having a domain name does not displace your having a name as well. And the telephone system has shown us how to construct a network whose presentation format is entirely based on digits, so its not immediately apparent for me to see than names are necessarily the “critical” internet resource. This hunt for “Critical Internet Resources” is still not coming up with an obvious short list. Maybe its routing slots. After all, we are told that the routing system cannot grow forever. It has finite capacity, and if routing does not work, or your address is not described in the routing system, then the Internet simply stops working for you. But does that make it a “critical” internet resource? There is no single routing system. There are a collection of local entities that operate their own local routing system and exchange information, and packets, with other entities, based on the operation of markets in peering and transit. The outcome is important, to be sure, but I’m still not convinced that this is the “critical” resource for the Internet. Routing technologies come and go. RIP is one of the ones that’s gone. Other evolve, or will get replaced in time. So its hard to construct the case that we are stuck with a particular routing technology with particular properties and particular critical vulnerabilities. Maybe this hunt is actually a pointless quest. Like many complex engineered systems in today’s world, the Internet is constructed using a very large collection of supply chains with a large and diverse collections of players and stakeholders and a huge set of interdependencies. One could make the case that critical internet resources encompass areas of silicon design and fabrication, power generation, laser technology and fibre cable manufacture, and so on. Indeed it is possible to make that case that almost every other industry has inputs into the Internet. And the Internet provides inputs to almost every other industry these days. We’ve constructed these systems building upon the outputs of other systems, and plugging their outputs into other systems. Its not a hierarchy, it’s a dense interconnection, and from this perspective the entire fabric is the “critical resource”. So it really doesn’t make a lot of sense to label one artefact or aspect of the Internet as a “critical resource” and not another. What then can we make of the hunt for these “Critical Internet Resources” that is being conducted by some countries in the hallways and performance arenas of the IGF? Perhaps its just another round in the endless cut and thrust of international politics, and the real list of “Critical Internet Resources” are those where some nations feel that other nations have a privileged or unfair position of control or influence. This appears to be a consistent theme of the World Summit on the Information Society meetings in 2005, and the first IGF meeting in 2006. Its true to say that the Internet was in many ways another example of the Law of Unintended Consequences in action, and the outcomes we have today were never planned in any particular fashion. It was just a research program that stumbled upon an extraordinarily effective marriage of computers and communications that then just grew and grew. And the original administrative arrangements for names and addresses were simply the outcomes of pragmatic decisions to achieve the best results within the available funds. When the Page 3 entire name and address administrative arrangements become the victim of the Internet’s runaway success then the successive refinements represented a compromise between what had happened in the past and what needed to happen at the time. If you take the view that the oversight of the governance of the name and address distribution infrastructure is a responsibility undertaken by ICANN by virtue of an agreement between this corporation and the government of the United States of America, then, yes, there is a nation that appears to be placed in a privileged position as compared to other nations, and when compared to other arrangements that rely on the underlying instrument of some form of an international treaty then, yes, this arrangement is different in many respects. Like many bold innovative experiments in international coordination and the establishment of new world orders, ICANN stands a strong risk of falling foul of an inherent conservatism in international politics, where the careful balancing of national interests is seen as being far more critical an objective than any actual outcomes that may be achieved from the process. From this perspective ICANN is critically reliant on its acceptance by all players of its legitimacy to operate in this space, and also critically reliant on acceptance of the proposition that these issues are best addressed in open forums of debate. This is a difficult task, and the set of outcomes that ICANN can point to as being products of this process do not install an absolute level of confidence that this process is stable, scaleable, and sustaining. Right now the proposition is not that ICANN represents an outstanding set of achievements, but that the track record of the alternatives have failed in various ways in the past and nothing has changed to prevent similar flawed decisions in the future. But this is a long way from “Critical Internet Resources”. Perhaps this particular matter was never about this topic in the first place. Perhaps the real matter was a perception that the US has overreached itself in securing a privileged role in the Internet administrative framework, and this has opened up an avenue for trenchant criticism in UN related forums. Its certainly the case in the context of the IGF that a number of other nations have been attempting to make some political mileage out of this situation by labelling these name and address administrative arrangements with the use of a particular phrase that has extensive connotations into areas of criticality and crisis, connotations into resources and resource management and connotations with the high frontier of technology and an increasingly technology-dominated future. What better than to label these arrangements “Critical Internet Resources?” So when we look at the use of this term in the context of the IGF we find, not surprisingly, an entire world of politics and related considerations of national positioning in an international context, but no actual “Critical Internet Resources”! This is, of course, shocking news. Its probable that you are not going to find the Internet’s most critical resource lurking in your computer or hidden in an equipment rack somewhere or sitting in a configuration state in the network. You are not going to find it in an application or service, and you are definitely not going to find the Internet’s most critical resources lurking in the corridors of the IGF meetings. I suspect that, as with any communications network, the most critical resource of the Internet, and the entire point of all of these public communications networks in the first place, is, simply, just users like you and me and our driving need to communicate. Disclaimer The above views do not necessarily represent the views or positions of the Asia Pacific Network Information Centre. About the Author GEOFF HUSTON holds a B.Sc. and a M.Sc. from the Australian National University. He has been closely involved with the development of the Internet for many years, particularly within Australia, where he was responsible for the initial build of the Internet within the Australian academic and research sector. He is author of a number of Internet-related books, and is currently the Chief Scientist at APNIC, the Regional Internet Registry serving the Asia Pacific region. He was a member of the Internet Architecture Board from 1999 until 2005, and served on the Board of the Internet Society from 1992 until 2001. http://www.potaroo.net Page 4